radpostauth sql logging of bad passwords

Alan DeKok aland at deployingradius.com
Fri Apr 17 19:12:23 CEST 2009


Guy Fraser wrote:
> I thought this would be enough to make it log failed authentications :

  Yes.  But to flat-text files, not to SQL.

> post-auth {
>     reply_log
>     sql
>     sql_log

  This says "log to SQL on success".

>     exec
>     Post-Auth-Type REJECT {
>         attr_filter.access_reject

  You could put SQL logging here, too.

> The configuration has changed significantly since I last contributed to
> this project.

  The main changes are moving text from one file to another.  e.g. the
large chunks of "authorize", etc. in radiusd.conf have moved to separate
files.

  But the main configuration is still pretty much the same.  Older
configuration files can be used *almost* unchanged.

  Alan DeKok.



More information about the Freeradius-Users mailing list